<!DOCTYPE html>
<html lang="zh-CN">
<head>
  <meta charset="UTF-8">
<meta name="viewport" content="width=device-width">
<meta name="theme-color" content="#222"><meta name="generator" content="Hexo 7.3.0">

  <link rel="apple-touch-icon" sizes="180x180" href="/images/apple-touch-icon-next-haha.png">
  <link rel="icon" type="image/png" sizes="32x32" href="/images/favicon-32x32-next-haha.png">
  <link rel="icon" type="image/png" sizes="16x16" href="/images/favicon-16x16-next-haha.png">
  <link rel="mask-icon" href="/images/logo.svg" color="#222">

<link rel="stylesheet" href="/css/main.css">



<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/7.0.0/css/all.min.css" integrity="sha256-VHqXKFhhMxcpubYf9xiWdCiojEbY9NexQ4jh8AxbvcM=" crossorigin="anonymous">
  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.1.1/animate.min.css" integrity="sha256-PR7ttpcvz8qrF57fur/yAx1qXMFJeJFiA6pSzWi0OIE=" crossorigin="anonymous">

<script class="next-config" data-name="main" type="application/json">{"hostname":"ming.theyan.gs","root":"/","images":"/images","scheme":"Pisces","darkmode":false,"version":"8.25.0","exturl":false,"sidebar":{"position":"left","width_expanded":320,"width_dual_column":240,"display":"post","padding":18,"offset":12},"hljswrap":true,"codeblock":{"theme":{"light":"default","dark":"stackoverflow-dark"},"prism":{"light":"prism","dark":"prism-dark"},"copy_button":{"enable":false,"style":null},"fold":{"enable":false,"height":500},"language":false},"bookmark":{"enable":true,"color":"#222","save":"auto"},"mediumzoom":false,"lazyload":false,"pangu":false,"comments":{"style":"tabs","active":null,"storage":true,"lazyload":false,"nav":null},"stickytabs":false,"motion":{"enable":true,"async":false,"duration":200,"transition":{"menu_item":"fadeInDown","post_block":"fadeIn","post_header":"fadeInDown","post_body":"fadeInDown","coll_header":"fadeInLeft","sidebar":"fadeInUp"}},"prism":false,"i18n":{"placeholder":"搜索...","empty":"没有找到任何搜索结果：${query}","hits_time":"找到 ${hits} 个搜索结果（用时 ${time} 毫秒）","hits":"找到 ${hits} 个搜索结果"},"path":"/search.xml","localsearch":{"enable":true,"top_n_per_article":1,"unescape":false,"preload":false,"trigger":"auto"}}</script><script src="/js/config.js" defer></script>

    <meta name="description" content="What is HSTS HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. It allows web servers to">
<meta property="og:type" content="article">
<meta property="og:title" content="Nginx 下启用 HSTS">
<meta property="og:url" content="https://ming.theyan.gs/2018/01/Nginx%20%E4%B8%8B%E5%90%AF%E7%94%A8%20HSTS/index.html">
<meta property="og:site_name" content="运维烂笔头">
<meta property="og:description" content="What is HSTS HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. It allows web servers to">
<meta property="og:locale" content="zh_CN">
<meta property="article:published_time" content="2018-01-25T07:51:20.000Z">
<meta property="article:modified_time" content="2019-04-04T23:47:07.008Z">
<meta property="article:author" content="老杨">
<meta property="article:tag" content="https_proxy">
<meta property="article:tag" content="Nginx">
<meta property="article:tag" content="HSTS">
<meta property="article:tag" content="HTTPS">
<meta property="article:tag" content="HTTP">
<meta property="article:tag" content="add_header">
<meta property="article:tag" content="Strict-Transport-Security">
<meta name="twitter:card" content="summary">


<link rel="canonical" href="https://ming.theyan.gs/2018/01/Nginx%20%E4%B8%8B%E5%90%AF%E7%94%A8%20HSTS/">


<script class="next-config" data-name="page" type="application/json">{"sidebar":"","isHome":false,"isPost":true,"lang":"zh-CN","comments":true,"permalink":"https://ming.theyan.gs/2018/01/Nginx%20%E4%B8%8B%E5%90%AF%E7%94%A8%20HSTS/index.html","path":"2018/01/Nginx 下启用 HSTS/index.html","title":"Nginx 下启用 HSTS"}</script>

<script class="next-config" data-name="calendar" type="application/json">""</script>
<title>Nginx 下启用 HSTS | 运维烂笔头</title>
  
    <script async src="https://www.googletagmanager.com/gtag/js?id=UA-106574959-2"></script>
  <script class="next-config" data-name="google_analytics" type="application/json">{"tracking_id":"UA-106574959-2","only_pageview":false,"measure_protocol_api_secret":null}</script>
  <script src="/js/third-party/analytics/google-analytics.js" defer></script>

  <script src="/js/third-party/analytics/baidu-analytics.js" defer></script>
  <script async src="https://hm.baidu.com/hm.js?fdef9ded31bdb8b2dab08eddebdd5fed"></script>







  
  <script src="https://cdnjs.cloudflare.com/ajax/libs/animejs/3.2.1/anime.min.js" integrity="sha256-XL2inqUJaslATFnHdJOi9GfQ60on8Wx1C2H8DYiN1xY=" crossorigin="anonymous" defer></script>
<script src="/js/utils.js" defer></script><script src="/js/motion.js" defer></script><script src="/js/sidebar.js" defer></script><script src="/js/next-boot.js" defer></script><script src="/js/bookmark.js" defer></script>

  <script src="https://cdnjs.cloudflare.com/ajax/libs/hexo-generator-searchdb/1.5.0/search.js" integrity="sha256-xFC6PJ82SL9b3WkGjFavNiA9gm5z6UBxWPiu4CYjptg=" crossorigin="anonymous" defer></script>
<script src="/js/third-party/search/local-search.js" defer></script>







  




<!-- google adsense -->
<script data-ad-client="ca-pub-1045025618858716" async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>

  <noscript>
    <link rel="stylesheet" href="/css/noscript.css">
  </noscript>
<link rel="alternate" href="/atom.xml" title="运维烂笔头" type="application/atom+xml">
</head>

<body itemscope itemtype="http://schema.org/WebPage" class="use-motion">
  <div class="headband"></div>

  <main class="main">
    <div class="column">
      <header class="header" itemscope itemtype="http://schema.org/WPHeader"><div class="site-brand-container">
  <div class="site-nav-toggle">
    <div class="toggle" aria-label="切换导航栏" role="button">
        <span class="toggle-line"></span>
        <span class="toggle-line"></span>
        <span class="toggle-line"></span>
    </div>
  </div>

  <div class="site-meta">

    <a href="/" class="brand" rel="start">
      <i class="logo-line"></i>
      <p class="site-title">运维烂笔头</p>
      <i class="logo-line"></i>
    </a>
      <p class="site-subtitle" itemprop="description">一个 SA 老兵的工作日志</p>
  </div>

  <div class="site-nav-right">
    <div class="toggle popup-trigger" aria-label="搜索" role="button">
        <i class="fa fa-search fa-fw fa-lg"></i>
    </div>
  </div>
</div>



<nav class="site-nav">
  <ul class="main-menu menu"><li class="menu-item menu-item-projects"><a href="/projects" rel="section"><i class="fa fa-code fa-fw"></i>projects</a></li><li class="menu-item menu-item-home"><a href="/" rel="section"><i class="fa fa-home fa-fw"></i>首页</a></li><li class="menu-item menu-item-about"><a href="/about/" rel="section"><i class="fa fa-user fa-fw"></i>关于</a></li><li class="menu-item menu-item-tags"><a href="/tags/" rel="section"><i class="fa fa-tags fa-fw"></i>标签</a></li><li class="menu-item menu-item-categories"><a href="/categories/" rel="section"><i class="fa fa-th fa-fw"></i>分类</a></li><li class="menu-item menu-item-archives"><a href="/archives/" rel="section"><i class="fa fa-archive fa-fw"></i>归档</a></li><li class="menu-item menu-item-sitemap"><a href="/sitemap.xml" rel="section"><i class="fa fa-sitemap fa-fw"></i>站点地图</a></li><li class="menu-item menu-item-commonweal"><a href="/404/" rel="section"><i class="fa fa-heartbeat fa-fw"></i>公益 404</a></li>
      <li class="menu-item menu-item-search">
        <a role="button" class="popup-trigger"><i class="fa fa-search fa-fw"></i>搜索
        </a>
      </li>
  </ul>
</nav>



  <div class="search-pop-overlay">
    <div class="popup search-popup">
      <div class="search-header">
        <span class="search-icon">
          <i class="fa fa-search"></i>
        </span>
        <div class="search-input-container">
          <input autocomplete="off" autocapitalize="off" maxlength="80"
                placeholder="搜索..." spellcheck="false"
                type="search" class="search-input">
        </div>
        <span class="popup-btn-close" role="button">
          <i class="fa fa-times-circle"></i>
        </span>
      </div>
      <div class="search-result-container">
        <div class="search-result-icon">
          <i class="fa fa-spinner fa-pulse fa-5x"></i>
        </div>
      </div>
    </div>
  </div>

</header>
        
  
  <aside class="sidebar">

    <div class="sidebar-inner sidebar-nav-active sidebar-toc-active">
      <ul class="sidebar-nav">
        <li class="sidebar-nav-toc">
          文章目录
        </li>
        <li class="sidebar-nav-overview">
          站点概览
        </li>
      </ul>

      <div class="sidebar-panel-container">
        <!--noindex-->
        <div class="post-toc-wrap sidebar-panel">
            <div class="post-toc animated"><ol class="nav"><li class="nav-item nav-level-1"><a class="nav-link" href="#What-is-HSTS"><span class="nav-number">1.</span> <span class="nav-text">What is HSTS</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#Why"><span class="nav-number">2.</span> <span class="nav-text">Why</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#Howto"><span class="nav-number">3.</span> <span class="nav-text">Howto</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6-inc-HSTS-conf"><span class="nav-number">3.1.</span> <span class="nav-text">配置文件 inc&#x2F;HSTS.conf</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E5%9C%A8%E5%90%88%E9%80%82%E7%9A%84%E4%BD%8D%E7%BD%AE-include-%E8%BF%99%E4%B8%AA%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6"><span class="nav-number">3.2.</span> <span class="nav-text">在合适的位置 include 这个配置文件</span></a></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#%E8%BF%9B%E9%98%B6%E8%AF%9D%E9%A2%98"><span class="nav-number">4.</span> <span class="nav-text">进阶话题</span></a></li></ol></div>
        </div>
        <!--/noindex-->

        <div class="site-overview-wrap sidebar-panel">
          <div class="site-author animated" itemprop="author" itemscope itemtype="http://schema.org/Person">
  <p class="site-author-name" itemprop="name">老杨</p>
  <div class="site-description" itemprop="description">好记性比不过烂笔头</div>
</div>
<div class="site-state-wrap animated">
  <nav class="site-state">
      <div class="site-state-item site-state-posts">
        <a href="/archives/">
          <span class="site-state-item-count">114</span>
          <span class="site-state-item-name">日志</span>
        </a>
      </div>
      <div class="site-state-item site-state-categories">
          <a href="/categories/">
        <span class="site-state-item-count">8</span>
        <span class="site-state-item-name">分类</span></a>
      </div>
      <div class="site-state-item site-state-tags">
          <a href="/tags/">
        <span class="site-state-item-count">509</span>
        <span class="site-state-item-name">标签</span></a>
      </div>
  </nav>
</div>
  <div class="links-of-author animated">
      <span class="links-of-author-item">
        <a href="https://github.com/haw-haw" title="GitHub → https:&#x2F;&#x2F;github.com&#x2F;haw-haw" rel="noopener me" target="_blank"><i class="fab fa-github fa-fw"></i>GitHub</a>
      </span>
      <span class="links-of-author-item">
        <a href="mailto:blog@theyan.gs" title="E-Mail → mailto:blog@theyan.gs" rel="noopener me" target="_blank"><i class="fa fa-envelope fa-fw"></i>E-Mail</a>
      </span>
      <span class="links-of-author-item">
        <a href="https://weibo.com/u/1494877243" title="Weibo → https:&#x2F;&#x2F;weibo.com&#x2F;u&#x2F;1494877243" rel="noopener me" target="_blank"><i class="fab fa-weibo fa-fw"></i>Weibo</a>
      </span>
      <span class="links-of-author-item">
        <a href="https://twitter.com/6fool" title="Twitter → https:&#x2F;&#x2F;twitter.com&#x2F;6fool" rel="noopener me" target="_blank"><i class="fab fa-twitter fa-fw"></i>Twitter</a>
      </span>
  </div>

        </div>
      </div>
    </div>

    
    <div class="sidebar-inner sidebar-blogroll">
      <div class="links-of-blogroll animated">
        <div class="links-of-blogroll-title"><i class="fa fa-globe fa-fw"></i>
          链接
        </div>
        <ul class="links-of-blogroll-list">
            <li class="links-of-blogroll-item">
              <a href="https://bad-pencil.github.io/" title="https:&#x2F;&#x2F;bad-pencil.github.io" rel="noopener" target="_blank">github 镜像站</a>
            </li>
            <li class="links-of-blogroll-item">
              <a href="https://hawhaw.gitee.io/" title="https:&#x2F;&#x2F;hawhaw.gitee.io" rel="noopener" target="_blank">gitee 镜像站</a>
            </li>
        </ul>
      </div>
    </div>
  </aside>


    </div>

    <div class="main-inner post posts-expand">


  


<div class="post-block">
  
  

  <article itemscope itemtype="http://schema.org/Article" class="post-content" lang="zh-CN">
    <link itemprop="mainEntityOfPage" href="https://ming.theyan.gs/2018/01/Nginx%20%E4%B8%8B%E5%90%AF%E7%94%A8%20HSTS/index.html">

    <span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
      <meta itemprop="image" content="/images/avatar.gif">
      <meta itemprop="name" content="老杨">
    </span>

    <span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
      <meta itemprop="name" content="运维烂笔头">
      <meta itemprop="description" content="好记性比不过烂笔头">
    </span>

    <span hidden itemprop="post" itemscope itemtype="http://schema.org/CreativeWork">
      <meta itemprop="name" content="Nginx 下启用 HSTS | 运维烂笔头">
      <meta itemprop="description" content="">
    </span>
      <header class="post-header">
        <h1 class="post-title" itemprop="name headline">
          Nginx 下启用 HSTS
        </h1>

        <div class="post-meta-container">
          <div class="post-meta">
    <span class="post-meta-item">
      <span class="post-meta-item-icon">
        <i class="far fa-calendar"></i>
      </span>
      <span class="post-meta-item-text">发表于</span>

      <time title="创建时间：2018-01-25 15:51:20" itemprop="dateCreated datePublished" datetime="2018-01-25T15:51:20+08:00">2018-01-25</time>
    </span>
    <span class="post-meta-item">
      <span class="post-meta-item-icon">
        <i class="far fa-calendar-check"></i>
      </span>
      <span class="post-meta-item-text">更新于</span>
      <time title="修改时间：2019-04-05 07:47:07" itemprop="dateModified" datetime="2019-04-05T07:47:07+08:00">2019-04-05</time>
    </span>

  
</div>

        </div>
      </header>

    
    
    
    <div class="post-body" itemprop="articleBody"><h1 id="What-is-HSTS"><a href="#What-is-HSTS" class="headerlink" title="What is HSTS"></a>What is HSTS</h1><blockquote>
<p>HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. It allows web servers to declare that web browsers (or other complying user agents) should only interact with it using secure HTTPS connections,[1] and never via the insecure HTTP protocol. HSTS is an IETF standards track protocol and is specified in RFC 6797.</p>
</blockquote>
<blockquote>
<p>The HSTS Policy is communicated by the server to the user agent via an HTTPS response header field named “Strict-Transport-Security”.[2] HSTS Policy specifies a period of time during which the user agent should only access the server in a secure fashion.[3]</p>
</blockquote>
<p>以上来自于<a href="https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security" target="_blank" rel="noopener">维基百科</a></p>
<p>大概意思是说 HSTS 是一个 web 安全策略装置，用于保护 web 站点免受协议降级攻击和 cookie 劫持。</p>
<a id="more"></a>
<p>具体实现是在用户代理和 https 站点之间通讯时，通过服务器端发出来的 HTTPS response 头信息：“Strict-Transport-Security” 来实现的。</p>
<h1 id="Why"><a href="#Why" class="headerlink" title="Why"></a>Why</h1><p>为什么要做 HSTS？当然是为了安全。尤其是天朝这网络环境，无良运营商比比皆是，动辄给你劫持、篡改，为了避免这些无聊无耻人等的捣乱，推荐启用全站 HTTPS 并启用 HSTS。</p>
<h1 id="Howto"><a href="#Howto" class="headerlink" title="Howto"></a>Howto</h1><p>鉴于 web server 阵营大多已经都是 Nginx 了，这里也就讲下在 Nginx 中怎么启用 HSTS。</p>
<p>其实很简单：就是用 add_header 在 response 中添加一个“Strict-Transport-Security” 头嘛。说起来简单，但实际做起来还是有些弯弯道道的。</p>
<h2 id="配置文件-inc-HSTS-conf"><a href="#配置文件-inc-HSTS-conf" class="headerlink" title="配置文件 inc/HSTS.conf"></a>配置文件 inc/HSTS.conf</h2><p>单独做一个配置文件：inc/HSTS.conf，内容如下：</p>
<figure class="highlight nginx"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="attribute">add_header</span> Strict-Transport-Security <span class="string">"max-age=300; includeSubDomains"</span> always;</span><br></pre></td></tr></table></figure>
<p>上面配置大致解释下：</p>
<ol>
<li>max-age：缓存的时间，单位为妙</li>
<li>includeSubDomains：所有子域名都有效</li>
<li>还有个参数 preload，这里没设置，这是更狠一点的 HSTS 用法，稍后再讲</li>
<li>always：这其实是 add_header 的参数，意思是所有返回值的头都包含这个头信息（缺省是只有 200 等返回值才会带这个头的）</li>
</ol>
<h2 id="在合适的位置-include-这个配置文件"><a href="#在合适的位置-include-这个配置文件" class="headerlink" title="在合适的位置 include 这个配置文件"></a>在合适的位置 include 这个配置文件</h2><p>然后在虚拟机的配置文件中的合适位置 include 这个配置文件。这个就有学问了，注意以下两点：</p>
<ol>
<li>在 HTTPS 的 server 块里 include 这个配置文件<ul>
<li>有的文章里说要在 HTTP 的 server 块里也要 include 这个配置文件，我仔细查了下 rfc，确定是不需要的</li>
</ul>
</li>
<li>如果这个 server 的配置块里的某个 location 中有其他 add_header 语句，那么在这个 location 的配置里也需要 include 这个配置文件<ul>
<li>这是因为 nginx 中 add_header 命令的继承特性导致的，一般是会继承的，但是当某个 location 块中有其他 add_header 语句的话，上层的 add_header 指令不会被继承。</li>
</ul>
</li>
</ol>
<h1 id="进阶话题"><a href="#进阶话题" class="headerlink" title="进阶话题"></a>进阶话题</h1><p>前面有提到的参数 preload，的确有个功能叫 preload，大概意思是，有个数据库，其中的网站都是启用 HSTS 的，而一些主流浏览器都内置了对这个库的支持，所以呢，如果有人用这些浏览器访问这些网站，http 协议会直接内部强制转换成 https！</p>
<p>怎样把自己的网站域名加入到这个库里呢？</p>
<ol>
<li>要在自己网站上设置 http 到 https 的跳转</li>
<li>要在自己网站 https 启用 HSTS<ol>
<li>要启用 preload 参数</li>
<li>max-age 要长于一年</li>
<li>要有 includeSubDomains 参数</li>
</ol>
</li>
<li>然后提交就好了（<a href="https://hstspreload.org）" target="_blank" rel="noopener">https://hstspreload.org）</a></li>
</ol>

    </div>

    
    
    

    <footer class="post-footer">
          <div class="reward-container">
  <div>请我一杯咖啡吧！</div>
  <button>
    赞赏
  </button>
  <div class="post-reward">
      <div>
        <img src="/images/wechat-reward.png" alt="老杨 微信">
        <span>微信</span>
      </div>
      <div>
        <img src="/images/alipay-reward.png" alt="老杨 支付宝">
        <span>支付宝</span>
      </div>

  </div>
</div>

          <div class="followme">
  <span>欢迎关注我的其它发布渠道</span>

  <div class="social-list">

      <div class="social-item">
          <a target="_blank" class="social-link" href="https://twitter.com/6fool">
            <span class="icon">
              <i class="fab fa-twitter"></i>
            </span>

            <span class="label">Twitter</span>
          </a>
      </div>

      <div class="social-item">
          <a target="_blank" class="social-link" href="/atom.xml">
            <span class="icon">
              <i class="fa fa-rss"></i>
            </span>

            <span class="label">RSS</span>
          </a>
      </div>
  </div>
</div>

          <div class="post-tags">
              <a href="/tags/https-proxy/" rel="tag"># https_proxy</a>
              <a href="/tags/Nginx/" rel="tag"># Nginx</a>
              <a href="/tags/HSTS/" rel="tag"># HSTS</a>
              <a href="/tags/HTTPS/" rel="tag"># HTTPS</a>
              <a href="/tags/HTTP/" rel="tag"># HTTP</a>
              <a href="/tags/add-header/" rel="tag"># add_header</a>
              <a href="/tags/Strict-Transport-Security/" rel="tag"># Strict-Transport-Security</a>
          </div>

        

          <div class="post-nav">
            <div class="post-nav-item">
                <a href="/2018/01/Linux%20shell%20%E4%B8%8B%E4%BD%BF%E7%94%A8%E4%BB%A3%E7%90%86%EF%BC%88Proxy%EF%BC%89%E4%B8%8A%E7%BD%91%E7%9A%84%E8%AE%BE%E7%BD%AE%E6%96%B9%E5%BC%8F/index.html" rel="prev" title="Linux shell 下使用代理（Proxy）上网的设置方式">
                  <i class="fa fa-angle-left"></i> Linux shell 下使用代理（Proxy）上网的设置方式
                </a>
            </div>
            <div class="post-nav-item">
                <a href="/2018/03/%E4%B8%80%E6%AC%A1powerdns%E4%B8%8A%E6%9F%90%E4%B8%AAzone%E4%BC%A0%E8%BE%93%E5%A4%B1%E8%B4%A5%E7%9A%84%E9%97%AE%E9%A2%98%E7%9A%84%E8%A7%A3%E5%86%B3%E8%BF%87%E7%A8%8B/index.html" rel="next" title="一次powerdns上某个zone传输失败的问题的解决过程">
                  一次powerdns上某个zone传输失败的问题的解决过程 <i class="fa fa-angle-right"></i>
                </a>
            </div>
          </div>
    </footer>
  </article>
</div>






</div>
  </main>

  <footer class="footer">
    <div class="footer-inner">

  <div class="copyright">
    &copy; 
    <span itemprop="copyrightYear">2025</span>
    <span class="with-love">
      <i class="fa fa-heart"></i>
    </span>
    <span class="author" itemprop="copyrightHolder">老杨</span>
  </div>
  <div class="powered-by">由 <a href="https://hexo.io/" rel="noopener" target="_blank">Hexo</a> & <a href="https://theme-next.js.org/pisces/" rel="noopener" target="_blank">NexT.Pisces</a> 强力驱动
  </div>

    </div>
  </footer>

  
  <div class="toggle sidebar-toggle" role="button">
    <span class="toggle-line"></span>
    <span class="toggle-line"></span>
    <span class="toggle-line"></span>
  </div>
  <div class="sidebar-dimmer"></div>
  <div class="back-to-top" role="button" aria-label="返回顶部">
    <i class="fa fa-arrow-up fa-lg"></i>
    <span>0%</span>
  </div>
  <a role="button" class="book-mark-link book-mark-link-fixed"></a>

<noscript>
  <div class="noscript-warning">Theme NexT works best with JavaScript enabled</div>
</noscript>

</body>
</html>
